CLEANSTART-2026-QA91937 Security fixes for CVE-2025-61732, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, ghsa-r6j8-c6r2-37rr applied in versions: 0.18.3-r1, 0.18.3-r2

Multiple security vulnerabilities affect the node-feature-discovery package. These issues are resolved in later releases. See references for individual vulnerability details...

CVE-2023-47833

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jeroen Schmit Theater for WordPress plugin = 0.18.3 versions...

PT-2023-20023 · Azuracast · Azuracast

Name of the Vulnerable Software and Affected Versions: AzuraCast versions prior to 0.18.3 Description: The issue is related to improper restriction of excessive authentication attempts in the AzuraCast GitHub repository. Specifically, the request rate limiting feature on the login page can be...

GHSA-V3C5-JQR6-7QM8 Python Charmers Future denial of service vulnerability

An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicious web server. This issue has been patched in version 0.18.3...

PHP League CommonMark library cross-site scripting vulnerability

PHP League CommonMark library is a PHP-based Markdown parser from the Extraordinary Packages consortium. A cross-site scripting vulnerability exists in PHP League CommonMark library versions prior to 0.18.3, which stems from the program failing to properly escape double-encoded HTML entities. A...

DEBIAN-CVE-2017-14265

A Stack-based Buffer Overflow was discovered in xtransinterpolate in internal/dcrawcommon.cpp in LibRaw before 0.18.3. It could allow a remote denial of service or code execution attack...